Browse Definitions :

Threat management

Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

FAC - MET

  • Facebook cloning - Facebook cloning is a scam in which the attacker copies the profile picture of an authorized user, creates a new account using that person’s name and sends friend requests to people on the user’s list.
  • Facebook scam - A Facebook scam is a post or page on the popular social networking site designed to deceive users and spread rapidly through their personal networks.
  • FACTA (Fair and Accurate Credit Transactions Act) - FACTA (Fair and Accurate Credit Transactions Act) is an amendment to FCRA (Fair Credit Reporting Act ) that was added, primarily, to protect consumers from identity theft.
  • Faraday cage - A Faraday cage is a metallic enclosure that prevents the entry or escape of an electromagnetic field (EM field).
  • fast flux DNS - Fast flux DNS is a technique that a cybercriminal can use to prevent identification of his key host server's IP address.
  • Federal Emergency Management Agency (FEMA) - Federal Emergency Management Agency (FEMA) is a United States government agency with the purpose to coordinate aid and respond to disasters around the nation when local resources are insufficient.
  • federated identity management (FIM) - Federated identity management (FIM) is an arrangement between multiple enterprises or domains that enables their users to use the same identification data (digital identity) to access all their networks.
  • FFIEC compliance (Federal Financial Institutions Examination Council) - FFIEC compliance is conformance to a set of standards for online banking issued in October 2005 by the Federal Financial Institutions Examination Council (FFIEC).
  • fileless malware attack - A fileless malware attack is a type of malicious attack a hacker can use to leverage applications already installed in a computer.
  • firefighting - Firefighting is an emergency allocation of resources, required to deal with an unforeseen problem.
  • Firesheep - Firesheep is a Firefox plug-in that automates session hijacking attacks over unsecured Wi-Fi networks.
  • firewall - A firewall is software or firmware that prevents unauthorized access to a network.
  • FirewallD - FirewallD, also known as Dynamic Firewall, replaces Fedora's old firewall tool, iptables, and allows for easier configuration and interface.
  • footprinting - Footprinting is an ethical hacking technique used to gather as much data as possible about a specific targeted computer system, an infrastructure and networks to identify opportunities to penetrate them.
  • forensic watermark (digital watermark) - A forensic watermark, also called a digital watermark, is a sequence of characters or code embedded in a digital document, image, video or computer program to uniquely identify its originator and authorized user.
  • freeware - Freeware (not to be confused with free software) is programming that is offered at no cost and is a common class of small applications available for downloading and use in most operating systems.
  • frequency-hopping spread spectrum (FHSS) - Frequency-hopping spread spectrum (FHSS) transmission is the repeated switching of the carrier frequency during radio transmission to reduce interference and avoid interception.
  • Gen V attack (5th generation cyberattack) - Gen V attack is a 5th generation cyberattack that is typically defined by the threat level and sophistication of the attack, including very large data breaches.
  • globbing - Globbing is the process of expanding a non-specific file name containing a wildcard character into a set of specific file names that exist in storage on a computer, server, or network.
  • Google dork query - Google dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries.
  • Google Project Zero - Google Project Zero is a security research unit within Google Inc.
  • Google Titan - Google Titan is a security chip designed to protect computers from firmware-based rootkits and other malware-infecting firmware.
  • government Trojan - A government Trojan is spyware installed on a computer or network by a law enforcement agency for the purpose of capturing information relevant to a criminal investigation.
  • Great Firewall of China - The Great Firewall of China is a national effort to protect Chinese corporate and state secrets and infrastructure from cyberattacks.
  • Group Policy Object (GPO) - Microsoft’s Group Policy Object (GPO) is a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users.
  • gyroscope - A gyroscope is a device with a spinning disc or wheel mechanism that harnesses the principle of conservation of angular momentum: the tendency for the spin of a system to remain constant unless subjected to external torque.
  • hacker - A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.
  • hacking as a service (HaaS) - Hacking as a service (HaaS) is the commercialization of hacking skills, in which the hacker serves as a contractor.
  • hacktivism - Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason.
  • hard-drive encryption - Hard-drive encryption is a technology that encrypts the data stored on a hard drive using sophisticated mathematical functions.
  • hardware vulnerability - A hardware vulnerability is an exploitable weakness in a computer system that enables attack through remote or physical access to system hardware.
  • hashing - Hashing is the process of transforming any given key or a string of characters into another value.
  • Have I Been Pwned (HIBP) - Have I Been Pwned (HIBP) is a website that allows users to search and find out if an email address’s password has been compromised.
  • Heartbleed - Heartbleed is a vulnerability in some implementations of OpenSSL.
  • honey monkey - A honey monkey is a virtual computer system that is programmed to lure, detect, identify and neutralize malicious activity on the Internet.
  • honeynet - A honeynet is a network set up with intentional vulnerabilities hosted on a decoy server to attract hackers.
  • honeypot (computing) - A honeypot is a network-attached system set up as a decoy to lure cyber attackers and detect, deflect and study hacking attempts to gain unauthorized access to information systems.
  • host intrusion prevention systems (HIPS) - A host intrusion prevention system (HIPS) is a security method that relies on third-party software tools to monitor network traffic and system activities for anomalous code behavior to identify and prevent malicious activities.
  • hot mic (roving bug) - A hot mic, in a mobile security context, is a smartphone microphone that has been remotely activated for surveillance purposes.
  • hotword - Hotword is an audio listening module included with Google Chrome and Chromium, the open source version of the browser.
  • Hypertext Transfer Protocol Secure (HTTPS) - Hypertext Transfer Protocol Secure (HTTPS) is a protocol that secures communication and data transfer between a user's web browser and a website.
  • ICS security (industrial control system security) - ICS security is the area of concern involving the safeguarding of industrial control systems, the integrated hardware and software designed to monitor and control the operation of machinery and associated devices in industrial environments.
  • identity theft - Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable information (PII), such as Social Security or driver's license numbers, to impersonate someone else.
  • ILOVEYOU virus - The ILOVEYOU virus comes in an email with 'ILOVEYOU' in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book.
  • image replay attack - An image replay attack is the use of a picture to fool an authentication method.
  • incidence - Incidence, in statistics, is the rate of occurrence of something within a population, or the number of times it occurs.
  • Indicators of Compromise (IOC) - Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor.
  • industrial espionage - Industrial espionage is the covert, and sometimes illegal, practice of investigating competitors to gain a business advantage.
  • initialization vector (IV) - An initialization vector (IV) is an arbitrary number that can be used along with a secret key for data encryption.
  • inline frame (iframe) - An inline frame (iframe) is a HTML element that loads another HTML page within the document.
  • input validation attack - An input validation attack is any malicious action against a computer system that involves manually entering strange information into a normal user input field.
  • insecure deserialization - Insecure deserialization is a vulnerability in which an untrusted or unknown data is used to either inflict a denial of service attack (DoS attack), execute code, bypass authentication or further abuse the logic behind an application.
  • insider threat - An insider threat is a category of risk posed by those who have access to an organization's physical or digital assets.
  • integer overflow - Integer overflow is the result of trying to place into computer memory an integer (whole number) that is too large for the integer data type in a given system.
  • International Data Encryption Algorithm (IDEA) - The International Data Encryption Algorithm (IDEA) is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet.
  • Internet Crime Complaint Center (IC3) - The Internet Crime Complaint Center (IC3) is a website and that offers users a standardized mechanism and interface to report suspected cybercrime or other illegal activity facilitated by the internet.
  • Internet Key Exchange (IKE) - Internet Key Exchange (IKE) is a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
  • Internet Storm Center - The Internet Storm Center is a website provided by the SANS Institute that monitors current online security attacks and publishes information about them.
  • intrusion detection system (IDS) - An intrusion detection system (IDS) is a system that monitors network traffic for suspicious activity and alerts when such activity is discovered.
  • intrusion prevention system (IPS) - An intrusion prevention system (IPS) is a network security and threat prevention tool.
  • IoT botnet (Internet of Things botnet) - An IoT botnet (Internet of Things botnet) is a group of hacked computers, smart appliances and Internet-connected devices that have been co-opted for illicit purposes.
  • IoT security (internet of things security) - IoT security is the technology segment focused on safeguarding connected devices and networks in the internet of things (IoT).
  • IP spoofing - Internet Protocol (IP) spoofing is a type of malicious attack where the threat actor hides the true source of IP packets to make it difficult to know where they came from.
  • IP surveillance - IP surveillance is a digitized and networked version of closed-circuit television (CCTV).
  • IPsec (Internet Protocol Security) - IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.
  • ISA Server - Microsoft's ISA Server (Internet Security and Acceleration Server) was the successor to Microsoft's Proxy Server 2.
  • ISO 27001 - ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS).
  • JavaScript - JavaScript is a programming language that started off simply as a mechanism to add logic and interactivity to an otherwise static Netscape browser.
  • JavaScript hijacking - JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML).
  • juice jacking - Juice jacking is a security exploit in which an infected USB charging station is used to compromise connected devices.
  • Kaspersky Lab - Kaspersky Lab is a security software and services company with a presence in 200 countries and territories around the world.
  • Kerberos - Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet.
  • key fob - A key fob is a small, programmable device that provides access to a physical object.
  • keylogger (keystroke logger or system monitor) - A keylogger, sometimes called a keystroke logger or keyboard capture, is a type of surveillance technology used to monitor and record each keystroke on a specific computer.
  • keyword stuffing - Keyword stuffing is the practice of inserting a large number of keywords into Web page content and meta tags in the attempt to artificially increase the page's ranking in search results.
  • kill switch - A kill switch in an IT context is a mechanism used to shut down or disable a device or program.
  • Kraken - Kraken is the name given to a family of malware that's currently being used to create what the security firm Damballa has called "the world's largest botnet.
  • LEAP (Lightweight Extensible Authentication Protocol) - LEAP (Lightweight Extensible Authentication Protocol) is a Cisco-proprietary version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.
  • logic bomb - A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met.
  • macro virus - A macro virus is a computer virus written in the same macro language used to create software programs such as Microsoft Excel or Word.
  • macrotrend - A macro trend is a persistent shift in the direction of some phenomenon on a global level.
  • madware - Madware is a type of aggressive advertising that affects smartphones and tablets.
  • mail bomb - A mail bomb is a form of a denial-of-service (DoS) attack designed to overwhelm an inbox or inhibit a server by sending a massive number of emails to a specific person or system.
  • malvertisement (malicious advertisement or malvertising) - A malvertisement (malicious advertisement) is an advertisement on the Internet that is capable of infecting the viewer's computer with malware.
  • malware - Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server.
  • Malware Analysis Report (MAR) - Malware Analysis Report (MAR) is a document that relates the functionality and effects of a given piece of malware.
  • malware testing - Malware testing is the practice of subjecting malicious programs to software testing tools and procedures designed to assess the viability of legitimate applications.
  • Malwarebytes software - Malwarebytes is a cross-platform anti-malware program that detects and removes malware and other rogue software.
  • managed file transfer (MFT) - Managed file transfer (MFT) is a type of software used to provide secure internal, external and ad-hoc data transfers through a network.
  • managed security service provider (MSSP) - A managed security service provider (MSSP) is an IT service provider that sells security services to businesses.
  • MD5 - The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.
  • meet-in-the-middle attack - Meet-in-the-middle is a known plaintext attack that can greatly reduce the number of brute-force permutations required to decrypt text that has been encrypted by more than one key.
  • Melissa virus - Melissa was a type of email virus that initially become an issue in early 1999.
  • Meltdown and Spectre flaws - Meltdown and Spectre flaws are variations on vulnerabilities to most computer chips manufactured in the past 20 years that can gain access to data and information stored on the device.
  • memory dump attack - A memory dump attack is the capture and use of RAM content that was written to a storage drive during an unrecoverable error, which was typically triggered by the attacker.
  • memory-scraping malware - Memory-scraping malware is a type of malware that helps hackers to find personal data.
  • messaging security - Messaging security is a subcategory of unified threat management (UTM) focused on securing and protecting an organization’s communication infrastructure.
  • metamorphic and polymorphic malware - Metamorphic and polymorphic malware are two types of malicious software (malware) that can change their code as they propagate through a system.
  • Metamorphic virus - A metamorphic virus is a type of malware that is capable of changing its code and signature patterns with each iteration.
SearchNetworking
  • virtual network functions (VNFs)

    Virtual network functions (VNFs) are virtualized tasks formerly carried out by proprietary, dedicated hardware.

  • network functions virtualization (NFV)

    Network functions virtualization (NFV) is a network architecture model designed to virtualize network services that have ...

  • overlay network

    An overlay network is a virtual or logical network that is created on top of an existing physical network.

SearchSecurity
  • X.509 certificate

    An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) ...

  • directory traversal

    Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory ...

  • malware

    Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server.

SearchCIO
  • data latency

    Data latency is the time it takes for data packets to be stored or retrieved. In business intelligence (BI), data latency is how ...

  • chief data officer (CDO)

    A chief data officer (CDO) in many organizations is a C-level executive whose position has evolved into a range of strategic data...

  • information technology (IT) director

    An information technology (IT) director is the person in charge of technology within an organization. IT directors manage ...

SearchHRSoftware
SearchCustomerExperience
  • implementation

    Implementation is the execution or practice of a plan, a method or any design, idea, model, specification, standard or policy for...

  • first call resolution (FCR)

    First call resolution (FCR) is when customer service agents properly address a customer's needs the first time they call.

  • customer intelligence (CI)

    Customer intelligence (CI) is the process of collecting and analyzing detailed customer data from internal and external sources ...

Close